Well, no one here will get it, but cyber criminals have developed very sophisticated means of gathering identifying info, friends, interests of individuals who through social engineering may fall victim.

"Destructive computer virus uncovered

A computer virus that tries to avoid detection by making the machine it infects unusable has been found..."

My phone company wants you to keep your profile information current so they send you an email asking for your email address and credit card number and your street address and state+country and provide links to fill in your information. To me this sounds like a phishing email with a payload of viruses... so I just ignore the email.

I don't think it's so much that this particular strain is a threat with the way it's spread (I honestly expect this is a PoC whose code will be for sale on some black market or another) but once others begin adding similar functions into new variants of malware it could start to be a real issue. With so much data to sift through it would take AV vendors even longer to catch up (and they're already behind to start with). Add to that the wiping ability and I'd hate to have one like this end up on my machine via an ad exploit later down the line. ><

Repeat after anon and me: "It gets installed when people click on attachments included in malicious e-mails."
I know you guys are all aware of this but for the occasional visitor: "It gets installed when people click on attachments included in malicious e-mails."
Like in West Side Story's "Maria"... I'll never stop saying ... OKAY

Yesterday in the news we saw a huge spike in interest in the Rombertik malware. Rombertik infiltrates the computer through email phishing attacks that drop as a .scr screen saver executable that contains the malware that will inject code into your browsers to spy on you and threaten your MBR or encrypt documents if it detects that it’s being analyzed or sandboxed. We’ve been catching these variants since January 13th, but only now has it become so popular with the media coverage.

If you run this inside the sandbox with Sandboxie, it can't do any damage. If run outside the sandbox, a HIPS like SpyShelter should be able to block modification to the MBR. And normally, HMPA should be able to block the file modification part.

There is also a lot of FUD out there. I saw a BBC article that said if your MBR was wiped out the only solution was to reinstall Windows. Apparently they have never heard of imaging software or the Windows repair disk. Geesh.

"It gets installed when people click on attachments included in malicious e-mails."
I would take that with a pinch of salt; it is a fallacy to suggest such a sophisticated piece of malware only attacks via email attachments. Email attachments are just one way of delivering executable code to a machine; there are countless other ways.

Rombertik's disk wiping mechanism is aimed at pirates, not researchers

Rombertik, the information-stealing malware that was recently analyzed by Cisco researchers and which apparently tries to prevent researchers from doing so by rewriting the computer's Master Boot Record, is actually a newer version of an underground crimeware kit known as Carbon FormGrabber (or Carbon Grabber), Symantec researchers have found.

They also believe that the destructive action performed by the Trojan is not aimed against researchers, but "naive cheapskates who may be trying to use this software for free."

Rombertik: A Master of Evasive Malware Techniques
David Bisson
May 26, 2015

Earlier this month, several media outlets ran a story claiming that a new type of malware could be used to destroy victims’ computers. These stories might have fared well in views, but their fear, uncertainty, and doubt (FUD) have proven useful to no one. Fortunately, a number of security experts including Graham Cluley were quick to correct the false impressions these articles created, allowing us to explore the threat, known as ‘Rombertik,’ in earnest.

The Rombertik malware has made numerous headlines over the past weeks due to a destructive feature that overwrites the computer’s master boot record (MBR). Researchers at ThreatConnect have conducted an analysis and traced the destructive sample to a Nigeria-based individual.

What makes one novel strain of malicious software more dangerous or noteworthy than another? Is it the sheer capability and feature set of the new malware, or are these qualities meaningless without also considering the skills, intentions and ingenuity of the person wielding it? Most experts probably would say it’s important to consider attribution insofar as it is knowable, but it’s remarkable how seldom companies that regularly publish reports on the latest criminal innovations go the extra mile to add context about the crooks apparently involved in deploying those tools.